Keep your whitelisted ip address up to date in the digitalocean firewall
This simple golang program will keep your ip address up to date in the digitalocean firewall, so that you don’t have to do it manually.
It’s written in golang so that you don’t need any dependency, simply download the correct executable for your system from the github releases page to run it on:
Alternatively, if you have a Go environment configured, you can install the development version from the command line like so:
$ go get github.com/paolobarbolini/do-firewall-updater
Every time you run it will remove the ip addresses in the old_ips.json
file from your existing rules and replace them with your current ipv4/6 addresses.
Because of this your current ip address must be already present in the rules which you want to keep up to date with your latest ip address before running this program for the first time.
Your new ip address is then saved in the old_ips.json
file after successfully updating the firewall rules.
It supports both dual stack internet connections and ipv4 or ipv6 only connections.
To run it do
/path/to/executable --token DIGITALOCEAN_API_TOKEN --firewall-id THE_FIREWALL_ID
To generate a new api token go to the Applications & API section in the digitalocean control panel and create a new personal access token.
The token must have read and write privileges.
You also have to specify the --firewall-id
or the --firewall-name
argument.
If you prefer using the firewall id but you don’t know it simply look at the url in your browser while browsing the page to edit an existing firewall.
You can also change the url of the api used to get your public ip address by specifying the --ip-api
argument, by default it uses http://v4v6.ipv6-test.com/api/myip.php.
If you also want to keep your ipv6 address up to date make sure that the api you are using also supports connections from ipv6 addresses.
The api http response body must contain only the ip address, json is not supported.
Create a cron job with:
crontab -e
*/15 * * * * /path/to/executable --token DIGITALOCEAN_API_TOKEN --firewall-id THE_FIREWALL_ID
The example will run every 15 minutes.
If you want to update the same firewall from multiple computers with different connections make sure that the cron job doesn’t run at the same time as the other computers to prevent race conditions.
by: Paolo BarboliniAugust 30, 2017Visit site
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Have you created an Integration, API Wrapper, Service, or other Tool that helps developers build on DigitalOcean? Help users find it by listing it in Community Tools.
Sign up for Infrastructure as a Newsletter.
Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.